wip

- Closes #28

backend/ChangeLog.md

@@ -0,0 +1,5 @@
+# Revision history for backend
+
+## 0.1.0.0 -- YYYY-mm-dd
+
+* First version. Released on an unsuspecting world.

backend/LICENSE

@@ -0,0 +1,30 @@
+Copyright (c) 2018, Mats Rauhala
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+
+    * Redistributions in binary form must reproduce the above
+      copyright notice, this list of conditions and the following
+      disclaimer in the documentation and/or other materials provided
+      with the distribution.
+
+    * Neither the name of Mats Rauhala nor the names of other
+      contributors may be used to endorse or promote products derived
+      from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

backend/Setup.hs

@@ -0,0 +1,2 @@
+import Distribution.Simple
+main = defaultMain

backend/backend.cabal

@@ -1,7 +1,7 @@
--- Initial ebook-manager.cabal generated by cabal init.  For further
+-- Initial backend.cabal generated by cabal init.  For further
 -- documentation, see http://haskell.org/cabal/users-guide/
 
-name:                ebook-manager
+name:                backend
 version:             0.1.0.0
 -- synopsis:
 -- description:
@@ -15,29 +15,29 @@ build-type:          Simple
 extra-source-files:  ChangeLog.md
 cabal-version:       >=1.10
 
-executable ebook-manager
+executable backend
   main-is:             Main.hs
   other-modules:       Devel.Main
-                     , API
-                     , API.Books
-                     , API.Catalogue
-                     , API.Channels
-                     , API.Users
-                     , Configuration
-                     , Data.Versioned
                      , Database
                      , Database.Book
                      , Database.Channel
                      , Database.Schema
+                     , Database.Tag
                      , Database.User
                      , Datastore
                      , Servant.XML
                      , Server
+                     , Server.API
+                     , Server.API.Books
+                     , Server.API.Catalogue
+                     , Server.API.Channels
+                     , Server.API.Users
                      , Server.Auth
                      , Types
                      , View
   -- other-extensions:
   build-depends:       base >=4.10 && <4.11
+                     , common
                      , aeson
                      , asn1-data
                      , asn1-types
@@ -79,8 +79,8 @@ executable ebook-manager
                      , xml-conduit
                      , xml-hamlet
   hs-source-dirs:      src
+  default-language:    Haskell2010
   default-extensions:  DeriveGeneric
                      , NoImplicitPrelude
                      , OverloadedStrings
                      , RecordWildCards
-  default-language:    Haskell2010

backend/src/Database.hs

@@ -11,6 +11,7 @@ module Database
   , fromRel
   , fromRels
   , toRel
+  , transaction
   , SeldaT )
   where
 
@@ -18,7 +19,7 @@ import Data.Generics.Product
 import Control.Lens (view)
 import Data.Pool (Pool, withResource)
 import Database.Selda.Backend (SeldaConnection, runSeldaT, SeldaT)
-import Database.Selda (query, select)
+import Database.Selda (query, select, transaction)
 import Database.Selda.Generic (gen, fromRel, fromRels, toRel)
 import ClassyPrelude
 

backend/src/Database/Book.hs

@@ -18,11 +18,17 @@ module Database.Book
   , BookID) where
 
 import ClassyPrelude
-import Database.Schema
+import Database.Schema (books, users, Username, Book(..), BookID(..), UserID, HashDigest(..))
 import Database
 import Database.Selda
 import Database.Selda.Generic
 
+import Control.Lens (view)
+import Data.Generics.Product
+
+import Database.Tag (booksTags, attachTag, clearTags)
+import Database.Channel (booksChannels, attachChannel, clearChannels)
+
 usersBooks :: (MonadSelda m, MonadMask m, MonadIO m) => Username -> m [Book]
 usersBooks username = fromRels <$> query q
   where
@@ -45,7 +51,7 @@ getBook identifier owner = listToMaybe . fromRels <$> query q
       return book
 
 data InsertBook = InsertBook { contentType :: Text
-                             , title :: Maybe Text
+                             , title :: Text
                              , description :: Maybe Text
                              , owner :: Username }
 
@@ -62,9 +68,12 @@ insertBook InsertBook{..} = do
 
 data UpdateBook = UpdateBook { identifier :: BookID
                              , contentType :: Text
-                             , title :: Maybe Text
+                             , title :: Text
                              , description :: Maybe Text
-                             , owner :: Username }
+                             , owner :: Username
+                             , tags :: [Text]
+                             , channels :: [Text] }
+                deriving (Show, Generic)
 
 bookExists :: (MonadSelda m, MonadMask m, MonadIO m) => BookID -> m Bool
 bookExists identifier = not . null <$> query q
@@ -87,17 +96,32 @@ bookOwner' identifier username = do
   return (userId :*: bookId)
 
 updateBook :: (MonadSelda m, MonadMask m, MonadIO m) => UpdateBook -> m (Maybe UpdateBook)
-updateBook book@UpdateBook{..} = do
+updateBook UpdateBook{..} = do
-  mUserId <- query (bookOwner' identifier owner)
+  clearTags identifier >> connectTags
-  forM (listToMaybe mUserId) $ \_userId -> do
+  clearChannels identifier >> connectChannels
-    update_ (gen books) predicate (\b -> b `with` [ pContentType := literal contentType
+  updateBook'
-                                                  , pTitle := literal title
+  getUpdateBook identifier owner
-                                                  , pDescription := literal description ])
-    return book
   where
+    connectTags = mapM_ (attachTag owner identifier) tags
+    connectChannels = mapM_ (attachChannel owner identifier) channels
+    updateBook' = do
+      mUserId <- query (bookOwner' identifier owner)
+      forM_ (listToMaybe mUserId) $ \_userId -> do
+        update_ (gen books) predicate (\b -> b `with` [ pContentType := literal contentType
+                                                      , pTitle := literal title
+                                                      , pDescription := literal description ])
     _ :*: _ :*: pContentType :*: pTitle :*: pDescription :*: _ = selectors (gen books)
     predicate (bookId :*: _) = bookId .== literal identifier
 
+
+getUpdateBook :: (MonadMask m, MonadIO m, MonadSelda m) => BookID -> Username -> m (Maybe UpdateBook)
+getUpdateBook bookId username = do
+  mBook <- getBook bookId username
+  forM mBook $ \Book{..} -> do
+    channels <- map (view (field @"channel")) <$> booksChannels bookId
+    tags <- map (view (field @"tag")) <$> booksTags bookId
+    return UpdateBook{owner=username,..}
+
 setContent :: (MonadSelda m, MonadMask m, MonadIO m) => BookID -> Username -> HashDigest -> m ()
 setContent identifier owner digest = do
   mOwner <- query (bookOwner' identifier owner)

backend/src/Database/Channel.hs

@@ -0,0 +1,127 @@
+{-# Language TypeApplications #-}
+{-# Language DataKinds #-}
+{-# Language NamedFieldPuns #-}
+module Database.Channel
+  ( userChannels
+  , insertChannel
+  , channelExists
+  , isChannelOwner
+  , updateChannelPrivacy
+  , attachChannel
+  , Visibility(..)
+  , clearChannels
+  , booksChannels
+  , channelBooks
+  , Channel(..)
+  , ChannelID(..) )
+  where
+
+import ClassyPrelude
+import Database.Schema
+import Database
+import Database.Selda
+import Database.Selda.Generic
+
+import Control.Monad.Trans.Maybe
+
+getChannel :: (MonadSelda m, MonadMask m, MonadIO m) => ChannelID -> m (Maybe Channel)
+getChannel identifier = listToMaybe . fromRels <$> query q
+  where
+    q = do
+      ch@(channelId :*: _) <- select (gen channels)
+      restrict (channelId .== literal identifier)
+      return ch
+
+channelExists :: (MonadSelda m, MonadMask m, MonadIO m) => ChannelID -> m Bool
+channelExists identifier = not . null <$> getChannel identifier
+
+isChannelOwner :: (MonadSelda m, MonadIO m, MonadMask m) => ChannelID -> Username -> m Bool
+isChannelOwner identifier username = not . null <$> query q
+  where
+    q = do
+      userId :*: _ :*: username' :*: _ <- select (gen users)
+      channelId :*: _ :*: channelOwner :*: _ <- select (gen channels)
+      restrict (userId .== channelOwner)
+      restrict (username' .== literal username)
+      restrict (channelId .== literal identifier)
+      return channelId
+
+userChannels :: (MonadMask m, MonadIO m) => Username -> SeldaT m [Channel]
+userChannels username = fromRels <$> query q
+  where
+    q = do
+      userId :*: _ :*: username' :*: _ <- select (gen users)
+      channel@(_ :*: _ :*: owner :*: _) <- select (gen channels)
+      restrict (owner .== userId)
+      restrict (username' .== literal username)
+      return channel
+
+updateChannelPrivacy :: (MonadMask m, MonadIO m, MonadSelda m) => ChannelID -> Visibility -> m (Maybe Channel)
+updateChannelPrivacy channelId visibility = do
+  void $ update (gen channels) predicate (\channel -> channel `with` [pVis := literal visibility])
+  getChannel channelId
+  where
+    predicate (channelId' :*: _) = channelId' .== literal channelId
+    _ :*: _ :*: _ :*: pVis = selectors (gen channels)
+
+insertChannel :: (MonadMask m, MonadIO m, MonadSelda m) => Username -> Text -> Visibility -> m (Maybe Channel)
+insertChannel username channel visibility = runMaybeT $ do
+  userId <- MaybeT (listToMaybe <$> getUser)
+  channelId <- toChannelId <$> MaybeT (insertUnless (gen channels) (doesNotExist userId) [ def :*: channel :*: userId :*: visibility ])
+  MaybeT (listToMaybe . fromRels <$> query (q channelId))
+  where
+    q channelId = do
+      ch@(channelId' :*: _) <- select (gen channels)
+      restrict (channelId' .== literal channelId)
+      return ch
+    toChannelId = ChannelID . fromRowId
+    doesNotExist userId (_ :*: channel' :*: userId' :*: _) = channel' .== literal channel .&& userId' .== literal userId
+    getUser = query $ do
+      userId :*: _ :*: user :*: _ <- select (gen users)
+      restrict (user .== literal username)
+      return userId
+
+channelBooks :: (MonadSelda m, MonadMask m, MonadIO m) => Username -> ChannelID -> m [Book]
+channelBooks username identifier = fromRels <$> query q
+  where
+    q = do
+      channelId :*: bookId' <- select (gen bookChannels)
+      channelId' :*: _ :*: owner :*: _ <- select (gen channels)
+      userId :*: _ :*: username' :*: _ <- select (gen users)
+      book@(bookId :*: _) <- select (gen books)
+      restrict (username' .== literal username .&& owner .== userId)
+      restrict (channelId .== literal identifier .&& channelId .== channelId')
+      restrict (bookId .== bookId')
+      return book
+
+booksChannels :: (MonadSelda m, MonadMask m, MonadIO m) => BookID -> m [Channel]
+booksChannels bookId = fromRels <$> query q
+  where
+    q = do
+      channelId :*: bookId' <- select (gen bookChannels)
+      ch@(channelId' :*: _) <- select (gen channels)
+      restrict (channelId .== channelId')
+      restrict (bookId' .== literal bookId)
+      return ch
+
+attachChannel :: (MonadMask m, MonadIO m, MonadSelda m) => Username -> BookID -> Text -> m ()
+attachChannel username bookId channel = do
+  mCh <- fromRels <$> query channelQ
+  forM_ mCh $ \Channel{identifier} ->
+    whenM (null <$> query (attachQ identifier)) $
+      void $ insertGen bookChannels [BookChannel identifier bookId]
+  where
+    attachQ channelId = do
+      (channelId' :*: bookId') <- select (gen bookChannels)
+      restrict (channelId' .== literal channelId .&& bookId' .== literal bookId)
+      return channelId'
+    channelQ = do
+      userId :*: _ :*: username' :*: _ <- select (gen users)
+      ch@(_ :*: channel' :*: owner :*: _) <- select (gen channels)
+      restrict (username' .== literal username)
+      restrict (owner .== userId)
+      restrict (channel' .== literal channel)
+      return ch
+
+clearChannels :: (MonadMask m, MonadIO m, MonadSelda m) => BookID -> m Int
+clearChannels bookId = deleteFrom (gen bookChannels) (\(_ :*: bookId') -> bookId' .== literal bookId)

backend/src/Database/Schema.hs

@@ -18,9 +18,6 @@ newtype PlainPassword = PlainPassword Text deriving (Show, ToJSON, FromJSON, ToH
 newtype HashedPassword = HashedPassword {unHashed :: ByteString}
 data NoPassword = NoPassword
 
-newtype Email = Email { unEmail :: Text } deriving (Show, ToJSON, FromJSON, ToHttpApiData, FromHttpApiData)
-
-newtype Username = Username { unUsername :: Text } deriving (Show, ToJSON, FromJSON, ToHttpApiData, FromHttpApiData)
 
 instance SqlType HashedPassword where
   mkLit = LCustom . LBlob . unHashed
@@ -42,9 +39,9 @@ instance SqlType Username where
 
 newtype UserID = UserID {unUserID :: Int} deriving (Show)
 
-newtype BookID = BookID {unBookID :: Int} deriving (Show, ToJSON, FromJSON, FromHttpApiData, Eq, Ord)
+newtype BookID = BookID {unBookID :: Int} deriving (Show, ToJSON, FromJSON, FromHttpApiData, Eq, Ord, ToHttpApiData)
 
-newtype ChannelID = ChannelID {unChannelID :: Int} deriving (Show, ToHttpApiData, FromHttpApiData)
+newtype ChannelID = ChannelID {unChannelID :: Int} deriving (Show, ToHttpApiData, FromHttpApiData, ToJSON, FromJSON)
 
 newtype TagID = TagID {unTagID :: Int} deriving (Show)
 
@@ -101,7 +98,7 @@ newtype HashDigest = HashDigest { unHex :: ByteString } deriving Show
 data Book = Book { identifier :: BookID
                  , contentHash :: Maybe HashDigest
                  , contentType :: Text
-                 , title :: Maybe Text
+                 , title :: Text
                  , description :: Maybe Text
                  , owner :: UserID }
           deriving (Show, Generic)
@@ -124,9 +121,22 @@ data Tag = Tag { identifier :: TagID
                , owner :: UserID }
          deriving (Show, Generic)
 
+data Visibility = Public | Private | Followers
+                deriving (Show, Read, Generic)
+
+instance ToJSON Visibility
+instance FromJSON Visibility
+
+instance SqlType Visibility where
+  mkLit = LCustom . LText . pack . show
+  fromSql (SqlString x) = fromMaybe (error "fromSql: Not a valid visibility token") . readMay . unpack $ x
+  fromSql _             = error "fromSql: Not a valid visibility token"
+  defaultValue = mkLit Private
+
 data Channel = Channel { identifier :: ChannelID
                        , channel :: Text
-                       , owner :: UserID }
+                       , owner :: UserID
+                       , visibility :: Visibility }
              deriving (Show, Generic)
 
 tags :: GenTable Tag

backend/src/Database/Tag.hs

@@ -0,0 +1,61 @@
+{-# Language TypeApplications #-}
+{-# Language TypeOperators #-}
+{-# Language DataKinds #-}
+{-# Language DuplicateRecordFields #-}
+{-# Language NamedFieldPuns #-}
+module Database.Tag
+  ( def
+  , booksTags
+  , attachTag
+  , upsertTag
+  , clearTags
+  , Tag(..) ) where
+
+import ClassyPrelude
+import Database.Schema
+import Database
+import Database.Selda
+import Database.Selda.Generic
+import Control.Monad.Trans.Maybe
+
+upsertTag :: (MonadMask m, MonadIO m, MonadSelda m) => Username -> Text -> m (Maybe Tag)
+upsertTag username tag = runMaybeT $ do
+  userId <- MaybeT (listToMaybe <$> query userQ)
+  void $ lift $ upsert (gen tags) (predicate userId) id [toRel (Tag def tag userId)]
+  MaybeT (listToMaybe . fromRels <$> query (tagQ userId))
+  where
+    predicate userId (_ :*: tag' :*: owner) = tag' .== literal tag .&& owner .== literal userId
+    tagQ userId = do
+      t@(_ :*: tag' :*: owner) <- select (gen tags)
+      restrict (tag' .== literal tag .&& owner .== literal userId)
+      return t
+    userQ = do
+      userId :*: _ :*: username' :*: _ <- select (gen users)
+      restrict (username' .== literal username)
+      return userId
+
+booksTags :: (MonadMask m, MonadIO m, MonadSelda m) => BookID -> m [Tag]
+booksTags bookId = fromRels <$> query q
+  where
+    q = do
+      tagId :*: bookId' <- select (gen bookTags)
+      tag@(tagId' :*: _) <- select (gen tags)
+      restrict (tagId .== tagId')
+      restrict (bookId' .== literal bookId)
+      return tag
+
+attachTag :: (MonadMask m, MonadIO m, MonadSelda m) => Username -> BookID -> Text -> m ()
+attachTag username bookId tag = do
+  maybeT <- upsertTag username tag
+  forM_ maybeT $ \Tag{identifier} -> do
+    whenM (null <$> query (tagQ identifier)) $
+      void $ insertGen bookTags [BookTag identifier bookId]
+  where
+    tagQ tagId = do
+      (tagId' :*: bookId') <- select (gen bookTags)
+      restrict (tagId' .== literal tagId .&& bookId' .== literal bookId)
+      return tagId'
+
+clearTags :: (MonadMask m, MonadIO m, MonadSelda m) => BookID -> m Int
+clearTags bookId = deleteFrom (gen bookTags) (\(_ :*: bookId') -> bookId' .== literal bookId)
+

backend/src/Devel/Main.hs

@@ -37,7 +37,7 @@ update = do
 
 develMain :: IO ()
 develMain = do
-  conf <- input auto "./config/devel.dhall"
+  conf <- input auto "../config/devel.dhall"
   withApp conf $ \app -> do
     void $ runReaderT (runDB migrate) app
     defaultMain app

backend/src/Servant/XML.hs

@@ -1,9 +1,11 @@
 {-# Language OverloadedStrings #-}
 {-# Language FlexibleInstances #-}
 {-# Language MultiParamTypeClasses #-}
+{-# Language TypeApplications #-}
 module Servant.XML
   ( ToNode(..)
   , XML
+  , OPDS
   , Text.Hamlet.XML.xml
   , iso8601 )
   where
@@ -16,14 +18,22 @@ import Network.HTTP.Media.MediaType
 
 data XML
 
+data OPDS
+
 instance (ToNode a) => MimeRender XML a where
   mimeRender _ a =
     let [NodeElement root] = toNode a
     in renderLBS def (Document (Prologue [] Nothing []) root [])
 
+instance (ToNode a) => MimeRender OPDS a where
+  mimeRender _ a = mimeRender (Proxy @XML) a
+
 instance Accept XML where
   contentType _ = "application" // "xml" /: ("charset", "utf-8")
 
+instance Accept OPDS where
+  contentType _ = "application" // "atom+xml" /: ("charset", "utf-8") /: ("profile", "opds-catalog")
+
 iso8601 :: UTCTime -> Text
 iso8601 = pack . formatTime defaultTimeLocale "%Y-%m-%dT%H:%M:%SZ"
 

backend/src/Server.hs

@@ -12,7 +12,7 @@
 {-# Language TypeApplications #-}
 module Server where
 
-import qualified API as API
+import qualified Server.API as API
 import Server.Auth (authCheck)
 import Servant
 import Types

backend/src/Server/API.hs

@@ -9,7 +9,7 @@
 {-# Language RecordWildCards #-}
 {-# Language DeriveGeneric #-}
 {-# Language FlexibleInstances #-}
-module API (API, handler) where
+module Server.API (API, handler) where
 
 
 import Servant
@@ -18,17 +18,17 @@ import Types
 
 import View
 
-import qualified API.Users as Users
+import qualified Server.API.Users as Users
-import qualified API.Channels as Channels
+import qualified Server.API.Channels as Channels
-import qualified API.Books as Books
+import qualified Server.API.Books as Books
-import qualified API.Catalogue as Catalogue
+import qualified Server.API.Catalogue as Catalogue
 
 data Index = Index
 
 type API = Get '[HTML] (AppView Index)
       :<|> Users.API
-      :<|> "api" :> Channels.API
+      :<|> "api" :> "current" :> Channels.API
-      :<|> "api" :> Books.API
+      :<|> "api" :> "current" :> Books.API
       :<|> "api" :> "1" :> Catalogue.VersionedAPI 1
       :<|> "api" :> "current" :> Catalogue.VersionedAPI 1
 

backend/src/Server/API/Books.hs

@@ -13,7 +13,7 @@
 {-# Language TypeApplications #-}
 {-# Language DataKinds #-}
 {-# Language NamedFieldPuns #-}
-module API.Books where
+module Server.API.Books where
 
 import Servant hiding (contentType)
 import Types
@@ -21,9 +21,9 @@ import ClassyPrelude
 import Server.Auth
 import Servant.Auth as SA
 import Data.Aeson
-import API.Channels (JsonChannel(..))
 import Database.Book
 import Database.Channel
+import Database.Tag
 import Database
 import Control.Lens
 import Data.Generics.Product
@@ -36,15 +36,17 @@ import Crypto.Hash (digestFromByteString)
 
 data JsonBook = JsonBook { identifier :: BookID
                          , contentType :: Text
-                         , title :: Maybe Text
+                         , title :: Text
                          , description :: Maybe Text
-                         , channels :: [JsonChannel] }
+                         , channels :: [Text]
+                         , tags :: [Text] }
               deriving (Generic, Show)
 
 data PostBook = PostBook { contentType :: Text
-                         , title :: Maybe Text
+                         , title :: Text
                          , description :: Maybe Text
-                         , channels :: [JsonChannel] }
+                         , channels :: [Text]
+                         , tags :: [Text] }
               deriving (Generic, Show)
 
 
@@ -59,7 +61,9 @@ type BaseAPI = "books" :> Get '[JSON] [JsonBook]
        :<|> "books" :> ReqBody '[JSON] PostBook :> Post '[JSON] JsonBook
        :<|> "books" :> Capture "book_id" BookID :> "meta" :> ReqBody '[JSON] JsonBook :> Put '[JSON] JsonBook
        :<|> "books" :> Capture "book_id" BookID :> ReqBody '[OctetStream] ByteString :> Put '[JSON] NoContent
-       :<|> "books" :> Capture "book_id" BookID :> Get '[OctetStream] ByteString
+       :<|> GetBook
+
+type GetBook = "books" :> Capture "book_id" BookID :> Get '[OctetStream] ByteString
 
 handler :: ServerT API AppM
 handler user = listBooksHandler user
@@ -95,9 +99,9 @@ postBookMetaHandler auth PostBook{..} = flip requireLoggedIn auth $ \SafeUser{us
 
 
 putBookMetaHandler :: AuthResult SafeUser -> BookID -> JsonBook -> AppM JsonBook
-putBookMetaHandler auth bookId b@JsonBook{..}
+putBookMetaHandler auth bookId JsonBook{..}
   | bookId == identifier = requireBookOwner auth bookId $ \SafeUser{username=owner} ->
-        maybe (throwM err403) (const (return b)) =<< runDB (updateBook UpdateBook{..})
+        maybe (throwM err403) (return . view (super @JsonBook)) =<< runDB (updateBook UpdateBook{..})
   | otherwise = throwM err403
 
 listBooksHandler :: AuthResult SafeUser -> AppM [JsonBook]
@@ -105,5 +109,6 @@ listBooksHandler = requireLoggedIn $ \user -> do
   runDB (usersBooks (view (field @"username") user) >>= mapM augment)
     where
       augment Book{identifier=bookId,contentType,title,description} = do
-        channels <- fmap (\Channel{..} -> JsonChannel{..}) <$> booksChannels bookId
+        channels <- fmap (view (field @"channel")) <$> booksChannels bookId
+        tags <- fmap (view (field @"tag")) <$> booksTags bookId
         pure JsonBook{identifier=bookId,..}

backend/src/Server/API/Catalogue.hs

@@ -14,17 +14,19 @@
 {-# Language TemplateHaskell #-}
 {-# Language MultiParamTypeClasses #-}
 {-# Language ScopedTypeVariables #-}
-module API.Catalogue (VersionedAPI, handler) where
+module Server.API.Catalogue (VersionedAPI, handler) where
 
 import Types
-import Servant
+import Servant hiding (contentType)
 import ClassyPrelude
 import GHC.TypeLits
 import Server.Auth
 import Servant.Auth as SA
 import Servant.XML
 import qualified Database.Channel as Channel
+import Database.Book (Book(..))
 import Database
+import qualified Server.API.Books as API.Books
 
 -- This is my first try on going to versioned apis, things might change
 -- I think my rule of thumb is that you can add new things as you want, but
@@ -96,30 +98,57 @@ instance ToNode (Catalog 1) where
 
 class Monad m => VersionedCatalog m (v :: Nat) where
   getChannels :: SafeUser -> m (Catalog v)
+  getBooks :: Channel.ChannelID -> SafeUser -> m (Catalog v)
 
 instance VersionedCatalog AppM 1 where
-  getChannels SafeUser{username} = do
+  getChannels = getChannelsV1
-    updated <- liftIO getCurrentTime
+  getBooks = getBooksV1
-    let self = Rel ("/api/current/" <> selfUrl)
+
-        -- I'm not sure if this safe link approach is really useable with this
+relUrl :: Link -> Rel
-        -- api hierarchy since I can't access the topmost api from here. Also
+relUrl x = Rel ("/api/current/" <> (pack . uriPath . linkURI $ x))
-        -- authentication would bring a little bit of extra effort as well
+
-        selfUrl = pack . uriPath . linkURI $ safeLink (Proxy @(BaseAPI 1)) (Proxy @(RootCatalog 1))
+getBooksV1 :: Channel.ChannelID -> SafeUser -> AppM (Catalog 1)
-        start = self
+getBooksV1 channelID SafeUser{username} = do
-        pagination = Pagination Nothing Nothing
+  updated <- liftIO getCurrentTime
-    entries <- map (fromChannel updated) <$> runDB (Channel.userChannels username)
+  let self = relUrl selfUrl
-    pure CatalogV1{..}
+      start = relUrl startUrl
-    where
+      selfUrl = safeLink (Proxy @(BaseAPI 1)) (Proxy @(ChannelCatalog 1)) channelID
-      fromChannel :: UTCTime -> Channel.Channel -> Entry 1
+      startUrl = safeLink (Proxy @(BaseAPI 1)) (Proxy @(RootCatalog 1))
-      fromChannel updated Channel.Channel{..} =
+      pagination = Pagination Nothing Nothing
-        let url = pack . uriPath . linkURI $ safeLink (Proxy @(BaseAPI 1)) (Proxy @(ChannelCatalog 1)) identifier
+  entries <- map (toEntry updated) <$> runDB (Channel.channelBooks username channelID)
-            self = Rel ("/api/current/" <> url)
+  pure CatalogV1{..}
-        in EntryV1 channel channel updated channel (Left $ SubSection self)
+  where
+    toEntry updated Book{description,title,identifier=bookId} =
+      let content = fromMaybe "no content" description
+          identifier = pack . show $ bookId
+          link = Right (Acquisition (relUrl (safeLink (Proxy @API.Books.BaseAPI) (Proxy @API.Books.GetBook) bookId)))
+      in EntryV1{..}
+
+getChannelsV1 :: SafeUser -> AppM (Catalog 1)
+getChannelsV1 SafeUser{username} = do
+  updated <- liftIO getCurrentTime
+  let self = relUrl selfUrl
+      -- I'm not sure if this safe link approach is really useable with this
+      -- api hierarchy since I can't access the topmost api from here. Also
+      -- authentication would bring a little bit of extra effort as well
+      selfUrl = safeLink (Proxy @(BaseAPI 1)) (Proxy @(RootCatalog 1))
+      start = self
+      pagination = Pagination Nothing Nothing
+  entries <- map (fromChannel updated) <$> runDB (Channel.userChannels username)
+  pure CatalogV1{..}
+  where
+    fromChannel :: UTCTime -> Channel.Channel -> Entry 1
+    fromChannel updated Channel.Channel{..} =
+      let url = safeLink (Proxy @(BaseAPI 1)) (Proxy @(ChannelCatalog 1)) identifier
+          self = relUrl url
+      in EntryV1 channel channel updated channel (Left $ SubSection self)
 
 type VersionedAPI (v :: Nat) = Auth '[SA.BasicAuth, SA.JWT] SafeUser :> BaseAPI v
 
-type RootCatalog (v :: Nat) = "catalog" :> Get '[XML] (Catalog v)
+type CatalogContent = '[XML, OPDS]
-type ChannelCatalog (v :: Nat) = "catalog" :> "channel" :> Capture "channel_id" Channel.ChannelID :> Get '[XML] (Catalog v)
+
+type RootCatalog (v :: Nat) = "catalog" :> Get CatalogContent (Catalog v)
+type ChannelCatalog (v :: Nat) = "catalog" :> "channel" :> Capture "channel_id" Channel.ChannelID :> Get CatalogContent (Catalog v)
 type BaseAPI (v :: Nat) = RootCatalog v
                     :<|> ChannelCatalog v
 
@@ -127,6 +156,8 @@ handler :: forall v. VersionedCatalog AppM v => ServerT (VersionedAPI v) AppM
 handler auth = catalogRoot :<|> catalogChannels
   where
     catalogChannels :: Channel.ChannelID -> AppM (Catalog v)
-    catalogChannels _ = throwM err403{errBody="Not implemented"}
+    -- Channel specific catalog returns tags inside the catalog
+    catalogChannels identifier = flip requireLoggedIn auth (getBooks identifier)
     catalogRoot :: AppM (Catalog v)
+    -- catalog root returns channels
     catalogRoot = flip requireLoggedIn auth getChannels

backend/src/Server/API/Channels.hs

@@ -0,0 +1,75 @@
+{-# Language DataKinds #-}
+{-# Language TypeFamilies #-}
+{-# Language TypeOperators #-}
+{-# Language NoImplicitPrelude #-}
+{-# Language MultiParamTypeClasses #-}
+{-# Language OverloadedStrings #-}
+{-# Language TemplateHaskell #-}
+{-# Language QuasiQuotes #-}
+{-# Language RecordWildCards #-}
+{-# Language DeriveGeneric #-}
+{-# Language FlexibleInstances #-}
+{-# Language TypeApplications #-}
+{-# Language DataKinds #-}
+{-# Language DuplicateRecordFields #-}
+{-# Language NamedFieldPuns #-}
+module Server.API.Channels (API, handler, JsonChannel(..)) where
+
+import Servant
+import Types
+import ClassyPrelude
+import Server.Auth
+import Servant.Auth as SA
+import Control.Monad.Logger
+import Database
+import Database.Channel
+import Data.Aeson
+import Control.Lens
+import Data.Generics.Product
+
+data JsonChannel = JsonChannel { channel :: Text
+                               , visibility :: Visibility }
+                 deriving (Show, Generic)
+data UpdateChannel = UpdateChannel { identifier :: ChannelID
+                                   , channel :: Text
+                                   , visibility :: Visibility }
+                 deriving (Show, Generic)
+
+instance ToJSON JsonChannel
+instance FromJSON JsonChannel
+instance ToJSON UpdateChannel
+instance FromJSON UpdateChannel
+
+type API = Auth '[SA.BasicAuth, SA.Cookie, SA.JWT] SafeUser :> BaseAPI
+
+type BaseAPI = "channels" :> ReqBody '[JSON] JsonChannel :> Post '[JSON] UpdateChannel
+          :<|> "channels" :> Capture "channel_id" ChannelID :> ReqBody '[JSON] UpdateChannel :> Put '[JSON] UpdateChannel
+          :<|> "channels" :> Get '[JSON] [JsonChannel]
+
+handler :: ServerT API AppM
+handler user = newChannelHandler user :<|> updateChannelHandler user :<|> listChannelsHandler user
+
+requireChannelOwner :: AuthResult SafeUser -> ChannelID -> (SafeUser -> AppM a) -> AppM a
+requireChannelOwner auth channelId f = flip requireLoggedIn auth $ \u@SafeUser{username} -> do
+  unlessM (runDB . channelExists $ channelId) $ throwM err404
+  runDB (isChannelOwner channelId username) >>= \o -> if o then f u else throwM err403
+
+updateChannelHandler :: AuthResult SafeUser -> ChannelID -> UpdateChannel -> AppM UpdateChannel
+updateChannelHandler auth channelId UpdateChannel{visibility} = requireChannelOwner auth channelId $ \_ -> do
+  mChannel <- fmap toChannel <$> runDB (updateChannelPrivacy channelId visibility)
+  maybe (throwM err403) return mChannel
+
+listChannelsHandler :: AuthResult SafeUser -> AppM [JsonChannel]
+listChannelsHandler = requireLoggedIn $ \user ->
+  -- I could use the super thing from generic-lens, but then I would need to
+  -- use the 'channel' accessor somehow or export it
+  fmap (\Channel{..} -> JsonChannel{..}) <$> runDB (userChannels (view (field @"username") user))
+
+newChannelHandler :: AuthResult SafeUser -> JsonChannel -> AppM UpdateChannel
+newChannelHandler auth JsonChannel{..} = flip requireLoggedIn auth $ \user -> do
+  $logInfo $ "Creating channel for user " <> pack (show user)
+  mChannel <- fmap toChannel <$> runDB (insertChannel (view (field @"username") user) channel visibility)
+  maybe (throwM err403{errBody="Could not create the channel"}) return mChannel
+
+toChannel :: Channel -> UpdateChannel
+toChannel Channel{..} = UpdateChannel{..}

backend/src/Server/API/Users.hs

@@ -5,7 +5,7 @@
 {-# Language TypeOperators #-}
 {-# Language DuplicateRecordFields #-}
 {-# Language TypeApplications #-}
-module API.Users  where
+module Server.API.Users  where
 
 import Servant
 import ClassyPrelude

backend/src/Server/Auth.hs

@@ -24,21 +24,8 @@ import Control.Lens (view)
 import Data.Generics.Product
 import Servant (err401)
 import Control.Monad.Logger
+import Auth (SafeUser(..))
 
--- generic-lens can convert similar types to this
--- I'm trying out servant-auth-server which uses a jwt style login. IIRC anyone
--- can open the jwt token and view what's inside, you just can't modify it.
---
--- Is it a problem that a human readable username and email are visible?
-data SafeUser = SafeUser { email :: Email
-                         , username :: Username
-                         , role :: Role }
-              deriving (Show, Generic)
-
-instance ToJSON SafeUser where
-instance FromJSON SafeUser where
-instance ToJWT SafeUser where
-instance FromJWT SafeUser where
 
 type instance BasicAuthCfg = BasicAuthData -> IO (AuthResult SafeUser)
 

common/LICENSE

@@ -0,0 +1,30 @@
+Copyright (c) 2018, Mats Rauhala
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+
+    * Redistributions in binary form must reproduce the above
+      copyright notice, this list of conditions and the following
+      disclaimer in the documentation and/or other materials provided
+      with the distribution.
+
+    * Neither the name of Mats Rauhala nor the names of other
+      contributors may be used to endorse or promote products derived
+      from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

common/common.cabal

@@ -0,0 +1,48 @@
+name:                common
+version:             0.1.0.0
+-- synopsis:
+-- description:
+license:             BSD3
+license-file:        LICENSE
+author:              Mats Rauhala
+maintainer:          mats.rauhala@iki.fi
+-- copyright:
+category:            Web
+build-type:          Simple
+extra-source-files:  ChangeLog.md
+cabal-version:       >=1.10
+
+library
+  exposed-modules:     Configuration
+                     , Data.Versioned
+                     , API
+                     , API.Books
+                     , API.Catalogue
+                     , API.Channels
+                     , API.Users
+                     , Auth
+  -- other-extensions:
+  build-depends:       base >=4.10 && <4.11
+                     , aeson
+                     , classy-prelude
+                     , dhall
+                     , foreign-store
+                     , generic-lens
+                     , lens
+                     , mtl
+                     , servant
+                     , servant-auth
+                     , servant-auth-server
+                     , servant-docs
+                     , servant-lucid
+                     , servant-multipart
+                     , text
+                     , transformers
+  hs-source-dirs:      src
+  default-extensions:  DeriveGeneric
+                     , NoImplicitPrelude
+                     , OverloadedStrings
+                     , RecordWildCards
+                     , TypeOperators
+                     , DataKinds
+  default-language:    Haskell2010

common/src/API.hs

@@ -0,0 +1 @@
+module API where

common/src/API/Books.hs

@@ -0,0 +1 @@
+module API.Books where

common/src/API/Catalogue.hs

@@ -0,0 +1 @@
+module API.Catalogue where

common/src/API/Channels.hs

@@ -0,0 +1,27 @@
+{-# Language DuplicateRecordFields #-}
+module API.Channels (API) where
+
+import Auth
+import ClassyPrelude
+import Data.Aeson
+import Servant.API
+import Servant.Auth as SA
+
+data JsonChannel = JsonChannel { channel :: Text
+                               , visibility :: Visibility }
+                 deriving (Show, Generic)
+data UpdateChannel = UpdateChannel { identifier :: ChannelID
+                                   , channel :: Text
+                                   , visibility :: Visibility }
+                 deriving (Show, Generic)
+
+instance ToJSON JsonChannel
+instance FromJSON JsonChannel
+instance ToJSON UpdateChannel
+instance FromJSON UpdateChannel
+
+type API = Auth '[SA.BasicAuth, SA.Cookie, SA.JWT] SafeUser :> BaseAPI
+
+type BaseAPI = "channels" :> ReqBody '[JSON] JsonChannel :> Post '[JSON] UpdateChannel
+          :<|> "channels" :> Capture "channel_id" ChannelID :> ReqBody '[JSON] UpdateChannel :> Put '[JSON] UpdateChannel
+          :<|> "channels" :> Get '[JSON] [JsonChannel]

common/src/API/Users.hs

@@ -0,0 +1 @@
+module API.Users where

common/src/Auth.hs

@@ -0,0 +1,26 @@
+{-# Language GeneralizedNewtypeDeriving #-}
+module Auth where
+
+import ClassyPrelude
+import Data.Aeson
+import Servant.Auth.Server (ToJWT, FromJWT)
+import Servant.API
+
+-- generic-lens can convert similar types to this
+-- I'm trying out servant-auth-server which uses a jwt style login. IIRC anyone
+-- can open the jwt token and view what's inside, you just can't modify it.
+--
+-- Is it a problem that a human readable username and email are visible?
+newtype Email = Email { unEmail :: Text } deriving (Show, ToJSON, FromJSON, ToHttpApiData, FromHttpApiData)
+
+newtype Username = Username { unUsername :: Text } deriving (Show, ToJSON, FromJSON, ToHttpApiData, FromHttpApiData)
+
+data SafeUser = SafeUser { email :: Email
+                         , username :: Username
+                         }
+              deriving (Show, Generic)
+
+instance ToJSON SafeUser where
+instance FromJSON SafeUser where
+instance ToJWT SafeUser where
+instance FromJWT SafeUser where

default.nix

@@ -1,10 +1,12 @@
-{ mkDerivation, base, stdenv }:
+{ nixpkgs, haskellPackages }:
-mkDerivation {
+
-  pname = "ebook-manager";
+(import ./project.nix nixpkgs) {
-  version = "0.1.0.0";
+  packages = {
-  src = ./.;
+    common = ./common;
-  isLibrary = false;
+    backend = ./backend;
-  isExecutable = true;
+  };
-  executableHaskellDepends = [ base ];
+  tools = with haskellPackages; [
-  license = stdenv.lib.licenses.bsd3;
+    ghcid
+    hasktags
+  ];
 }

migrations/V1.1__Channel_visibility.sql

@@ -0,0 +1 @@
+alter table channels add column visibility text NOT NULL default 'Private';

project.nix

@@ -0,0 +1,38 @@
+nixpkgs:
+
+let
+
+  inherit (nixpkgs.lib) mapAttrs mapAttrsToList escapeShellArg optionalString concatStringsSep concatMapStringsSep;
+
+in
+
+{ packages
+, overrides ? _ : _ : {}
+, tools ? []
+}:
+
+let
+
+  overrides' = nixpkgs.lib.foldr nixpkgs.lib.composeExtensions (_: _: {}) [
+    (self: super: mapAttrs (name: path: self.callCabal2nix name path {}) packages)
+  ];
+  haskellPackages = nixpkgs.haskellPackages.override { overrides = overrides'; };
+  packages' = mapAttrs (name: _: haskellPackages."${name}") packages;
+  mkShell = name: pkg:
+  let
+    n =  "${name}-shell";
+    deps = haskellPackages.ghcWithPackages (pkgs: pkg.buildInputs);
+  in
+  {
+    name = "${n}";
+    value = nixpkgs.buildEnv {
+      name = "${n}";
+      paths = tools ++ [deps];
+      buildInputs = tools ++ [deps];
+    };
+  };
+  shells = nixpkgs.lib.listToAttrs (mapAttrsToList mkShell packages');
+
+in
+
+packages' // shells

release.nix

@@ -0,0 +1,15 @@
+{ nixpkgs ? import <nixpkgs> {} }:
+
+let
+
+  pinnedVersion = nixpkgs.lib.importJSON ./nixpkgs-version.json;
+  pinnedPkgs = import (nixpkgs.fetchFromGitHub {
+    owner = "NixOS";
+    repo = "nixpkgs";
+    inherit (pinnedVersion) rev sha256;
+  }) {};
+  inherit (pinnedPkgs) pkgs;
+
+  in
+
+import ./default.nix { nixpkgs = pinnedPkgs; haskellPackages = pinnedPkgs.haskellPackages; }

src/API/Channels.hs

@@ -1,51 +0,0 @@
-{-# Language DataKinds #-}
-{-# Language TypeFamilies #-}
-{-# Language TypeOperators #-}
-{-# Language NoImplicitPrelude #-}
-{-# Language MultiParamTypeClasses #-}
-{-# Language OverloadedStrings #-}
-{-# Language TemplateHaskell #-}
-{-# Language QuasiQuotes #-}
-{-# Language RecordWildCards #-}
-{-# Language DeriveGeneric #-}
-{-# Language FlexibleInstances #-}
-{-# Language TypeApplications #-}
-{-# Language DataKinds #-}
-module API.Channels (API, handler, JsonChannel(..)) where
-
-import Servant
-import Types
-import ClassyPrelude
-import Server.Auth
-import Servant.Auth as SA
-import Control.Monad.Logger
-import Database
-import Database.Channel
-import Data.Aeson
-import Control.Lens
-import Data.Generics.Product
-
-data JsonChannel = JsonChannel { channel :: Text } deriving (Show, Generic)
-
-instance ToJSON JsonChannel
-instance FromJSON JsonChannel
-
-type API = Auth '[SA.BasicAuth, SA.Cookie, SA.JWT] SafeUser :> BaseAPI
-
-type BaseAPI = "channels" :> ReqBody '[JSON] JsonChannel :> Put '[JSON] JsonChannel
-          :<|> "channels" :> Get '[JSON] [JsonChannel]
-
-handler :: ServerT API AppM
-handler user = newChannelHandler user :<|> listChannelsHandler user
-
-listChannelsHandler :: AuthResult SafeUser -> AppM [JsonChannel]
-listChannelsHandler = requireLoggedIn $ \user ->
-  -- I could use the super thing from generic-lens, but then I would need to
-  -- use the 'channel' accessor somehow or export it
-  fmap (\Channel{..} -> JsonChannel{..}) <$> runDB (userChannels (view (field @"username") user))
-
-newChannelHandler :: AuthResult SafeUser -> JsonChannel -> AppM JsonChannel
-newChannelHandler auth ch@JsonChannel{..} = flip requireLoggedIn auth $ \user -> do
-  $logInfo $ "Creating channel for user " <> pack (show user)
-  runDB (insertChannel (view (field @"username") user) channel)
-  return ch

src/Database/Channel.hs

@@ -1,46 +0,0 @@
-{-# Language TypeApplications #-}
-{-# Language DataKinds #-}
-module Database.Channel
-  ( userChannels
-  , insertChannel
-  , booksChannels
-  , Channel(..)
-  , ChannelID )
-  where
-
-import ClassyPrelude
-import Database.Schema
-import Database
-import Database.Selda
-
-userChannels :: (MonadMask m, MonadIO m) => Username -> SeldaT m [Channel]
-userChannels username = fromRels <$> query q
-  where
-    q = do
-      userId :*: _ :*: username' :*: _ <- select (gen users)
-      channel@(_ :*: _ :*: owner) <- select (gen channels)
-      restrict (owner .== userId)
-      restrict (username' .== literal username)
-      return channel
-
-insertChannel :: (MonadMask m, MonadIO m) => Username -> Text -> SeldaT m ()
-insertChannel username channel = do
-  mUserId <- listToMaybe <$> getUser
-  void $ forM mUserId $ \userId ->
-    insertUnless (gen channels) (doesNotExist userId) [ def :*: channel :*: userId ]
-  where
-    doesNotExist userId (_ :*: channel' :*: userId') = channel' .== literal channel .&& userId' .== literal userId
-    getUser = query $ do
-      userId :*: _ :*: user :*: _ <- select (gen users)
-      restrict (user .== literal username)
-      return userId
-
-booksChannels :: (MonadMask m, MonadIO m) => BookID -> SeldaT m [Channel]
-booksChannels contentHash = fromRels <$> query q
-  where
-    q = do
-      channelId :*: contentHash' <- select (gen bookChannels)
-      ch@(channelId' :*: _) <- select (gen channels)
-      restrict (channelId .== channelId')
-      restrict (contentHash' .== literal contentHash)
-      return ch